EP1420343A1 - Apparatus and method for realizing statetransition of computing device - Google Patents

Apparatus and method for realizing statetransition of computing device Download PDF

Info

Publication number
EP1420343A1
EP1420343A1 EP02719628A EP02719628A EP1420343A1 EP 1420343 A1 EP1420343 A1 EP 1420343A1 EP 02719628 A EP02719628 A EP 02719628A EP 02719628 A EP02719628 A EP 02719628A EP 1420343 A1 EP1420343 A1 EP 1420343A1
Authority
EP
European Patent Office
Prior art keywords
computing system
status
switching
unit
cpu
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP02719628A
Other languages
German (de)
French (fr)
Other versions
EP1420343A4 (en
Inventor
Tong Shao
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of EP1420343A1 publication Critical patent/EP1420343A1/en
Publication of EP1420343A4 publication Critical patent/EP1420343A4/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/85Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45575Starting, stopping, suspending or resuming virtual machine instances
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2105Dual mode as a secondary aspect

Definitions

  • the invention relates to a computing system such as a computer, a Personal Digital Assistant, or a mobile phone, and more particularly, to the computing system being accessible to both an internal network and an external network and being able to quickly and switch therebetween without being shut down.
  • an internal network such as an office or a confidential Local Area Network
  • external network such as the Internet.
  • Some home PCs having private data also need physical separation from the external network.
  • the earliest predecessor solution to this problem was using two computers respectively connected to internal and external networks. Bringing high security however requiring two computers, it is too expensive and can not efficiently exchange data between the internal and the external networks.
  • a later resolution was the dual-mainboard solution. Though uses a common computer chassis and shares one display and one keyboard, it still employs two computers essentially. It has the same problem as its ancestors.
  • the single hard drive solution also successfully solves the problem of system recovery when the system collapses.
  • a swap area is established on the hard disk, which can be read from or written on when the external network is started up, or can be read from however without being written on when the internal is started up. Information is allowed to flow one-way from the external network to the internal, preventing any automatic disclosure of the internal data.
  • the swap area can be arranged to be readable and writable at any time, which will sacrifice certain security performance. Generally, data exchanges between the internal and the external networks can be done flexibly and safely, keeping a secured separation is always desirable.
  • a smart card either works slowly or is expensive, which makes the users have to choose encryption algorithms having relatively weaker security performance. Therefore, the best way is to make full use of the computer at client terminal, making it 1. be able to physically separate the internal and the external systems, making any internal system information inaccessible from any program and individual including the user he himself; 2. when the computer is connected to internal network, the user can selectively send relevant information to the external system, and in order to ensure security, the control program will not be able to be changed by any virus: it should be write-protected; and, 3. the switching between the internal and the external systems should be conveniently and quickly.
  • the spirit of the invention for above mentioned computer can be applied to all computing devices such as the portable computing devices.
  • a user may access the external network when internet communication is needed.
  • digital signature is needed, the user can enter the internal system, and then send documents bearing digital signatures to the expected destinations via external network.
  • a computer which is able to "simultaneously" use two operating systems will also provide convenience for computer education on multiple operating systems.
  • the main object of the invention is to provide a computing system such as a computer, a Personal Digital Assistant, or a mobile phone, being accessible to both an internal network and an external network and being able to quickly switch therebetween without being shut down while ensuring a physical separation between above two networks.
  • a computing system such as a computer, a Personal Digital Assistant, or a mobile phone
  • Fig. 1 is a schematic flow chart showing operation of the computing system according to the invention.
  • a usually used conventional way is to reboot the computing system, select a hard disk corresponding to the desired network and having an independent operating system, and enter the operating system to work.
  • a drawback of such a way is slowness which is very unsuitable for some circumstances that need quick switching.
  • a computing system consisting of clock, logic execution unit, and all variable registers can be theoretically deemed as a system of status.
  • a state of all current variable registers defines a status of a computing system. For example, a state defined by all the variable registers when a computing system only has an internal network connection and one corresponding operating system defines a status of such computing system; and another state defined by the same all registers when the same computing system only has an external network connection and one corresponding operating system defines another status thereof.
  • the computing system has:
  • the input unit 20 may include a keyboard, a mouse, a touch screen, an E-mail, or other information receiver.
  • the switches 31, 32, 33, and 34 can be either electronic switches or mechanical switches.
  • a monitor 16 is communicatively connected to the video memory controller 14 through a display controller 15 for monitoring operation of the computing system.
  • the memory 11, the video memory 12, the hard disk 17, and all the variable registers of the computing system defining a status of the computing system are changed into the other variables defining the other status.
  • the memory 11, the video memory 12, and the hard disk 17 can be virtually deemed respectively as another identical memory 21, another video memory 22, and another hard disk 23 specially used under either one status.
  • the switch program 36 may have an ID verification unit 37 thereof used to confirm a validity of the user, and making the switching unit 30 either to proceed or stop respectively when the identification is passed or failed.
  • the computing system is able to be a computer, a Personal Digital Assistant, or a mobile phone, each of which has all the features and characteristics defined by the aforementioned computing system.
  • the invention further provide a method of safely and quickly switching between an internal network 50 and an external network 40 for a computing system having a CPU 10, a first status, a second status, an input unit 20, a switching unit 30 having a trigger 35, and, a switch program 36, wherein the method comprises following steps:
  • step 2) of above process may be:
  • a further sub-step (3.1) may be added into (3) wherein before the switch program 36 starts backing-up the data, a further confirmation of a judging unit 37 is required.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Mathematical Physics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Stored Programmes (AREA)

Abstract

The invention discloses a computing system such as a computer, a Personal Digital Assistant, or a mobile phone, being connected both to an internal network and an external network and being able to quickly and safely switch therebetween without being shut down while ensuring a physical separation between the two networks. When a user inputs a request of switching, a switching unit will set a trigger thereof and generate a consequent non-maskable interrupt to CPU. After receives the NMI, the CPU controls the switching unit to run a switch program kept therein to back up a current status of the system. Then the switch program backs up a current status, controls the switching unit to interrupt all serving programs and loads the other status other than the current status to the computing system, and finally control the switching unit to reset the trigger.

Description

    Background of the Present Invention Field of Invention
  • The invention relates to a computing system such as a computer, a Personal Digital Assistant, or a mobile phone, and more particularly, to the computing system being accessible to both an internal network and an external network and being able to quickly and switch therebetween without being shut down.
    • Description of Related Arts
  • At present, in consideration of information security, an internal network such as an office or a confidential Local Area Network, is usually physically separated from external network such as the Internet. Some home PCs having private data also need physical separation from the external network. The earliest predecessor solution to this problem was using two computers respectively connected to internal and external networks. Bringing high security however requiring two computers, it is too expensive and can not efficiently exchange data between the internal and the external networks. A later resolution was the dual-mainboard solution. Though uses a common computer chassis and shares one display and one keyboard, it still employs two computers essentially. It has the same problem as its ancestors.
  • Latterly, dual hard disk and then single hard disk solutions came up. The first one means that two hard disks are used by one computer. When using the internal network, a computer boots up with an "internal use only" hard disk and when it needs to be connected to the external network, a user can boot from the other hard disk connected and used by external network only. In this situation, once the external network is started up, the hard disk or network connected to the internal network is physically separated, i.e. the internal system is absolutely not accessible or at least is not able to be effectively read from or written on. Thus, a user is able to use either the internal system or the external system with one computer, with the physical separation of the internal and the external networks and consequent security of the internal data.
  • Although the solution of dual hard disk securely separated the internal and external networks, it requires two hard disks, which still costs relative high. In the single hard disk solution, the hard disk is divided into two partitions, each having its own operating system used independently by the internal or external network, respectively. A user can choose to boot either, the internal or the external network. In this solution, when the computer is connected to the external network, data of the internal network is not readable and/or writable and more than one operating systems need to be started up, as disclosed in the patented Chinese invention ZL 94,111,461 owned by the same inventor. When more than one operating systems need to be started up, a good way is "twice startup" disclosed in Chinese patent ZL 97,116,855 of the same inventor. At the same time, the single hard drive solution also successfully solves the problem of system recovery when the system collapses. Additionally, in the solution, a swap area is established on the hard disk, which can be read from or written on when the external network is started up, or can be read from however without being written on when the internal is started up. Information is allowed to flow one-way from the external network to the internal, preventing any automatic disclosure of the internal data. The swap area can be arranged to be readable and writable at any time, which will sacrifice certain security performance. Generally, data exchanges between the internal and the external networks can be done flexibly and safely, keeping a secured separation is always desirable.
  • However, for either the single hard disk solution or the dual hard disk solution, if a user wants to switch between the internal and the external systems, the computer must be rebooted for purpose of security. It is obviously very inconvenient for users. Especially in e-business, a user frequently needs to communicate and exchange information with other external network users via the external network. And when he needs a digital signature, he may hope to enter the internal network where the signature key is placed to prevent any ill-willed hacker from getting it. After the information is safely signed, the user needs to come back into the external system to exchange the information with other relevant external network users. In that way, programs and keys for signature are kept in the internal system to ensure their security, and can be used in e-commerce while security is guaranteed.
  • The most important issue in the Internet-based e-commerce is security. At client terminals, due to non-one-hundred-percent virus protection, ill-willed hacker invasions, and BOs, there exists the possibility for the information in client terminal computers to be illegally accessed. However, it is unaffordably serious if the information of a key used for digital signature, which is used to identify clients and sign contracts, is so accessed. It means the information of the key must be kept at an inaccessible place. An US patent numbered 99,806,523 filed on May 13, 1999 by Wave Systems Corp. disclosed a solution that employs a special-use computer for digital signature. But the computer, e.g. a smart card, either works slowly or is expensive, which makes the users have to choose encryption algorithms having relatively weaker security performance. Therefore, the best way is to make full use of the computer at client terminal, making it 1. be able to physically separate the internal and the external systems, making any internal system information inaccessible from any program and individual including the user he himself; 2. when the computer is connected to internal network, the user can selectively send relevant information to the external system, and in order to ensure security, the control program will not be able to be changed by any virus: it should be write-protected; and, 3. the switching between the internal and the external systems should be conveniently and quickly.
  • The spirit of the invention for above mentioned computer can be applied to all computing devices such as the portable computing devices. A user may access the external network when internet communication is needed. When digital signature is needed, the user can enter the internal system, and then send documents bearing digital signatures to the expected destinations via external network.
  • A computer which is able to "simultaneously" use two operating systems will also provide convenience for computer education on multiple operating systems.
    • Summary of the Present Invention
  • The main object of the invention is to provide a computing system such as a computer, a Personal Digital Assistant, or a mobile phone, being accessible to both an internal network and an external network and being able to quickly switch therebetween without being shut down while ensuring a physical separation between above two networks.
  • These and other objectives, features, and advantages of the present invention will become apparent from the following detailed description, the accompanying drawings, and the appended claims.
    • Brief Description of the Drawings
  • Fig. 1 is a schematic flow chart showing operation of the computing system according to the invention.
    • Detailed Description of the Preferred Embodiment
  • For computing systems that are communicatively connected to both an internal network and an external network and that need physical separation and switching between the networks, a usually used conventional way is to reboot the computing system, select a hard disk corresponding to the desired network and having an independent operating system, and enter the operating system to work. A drawback of such a way is slowness which is very unsuitable for some circumstances that need quick switching.
  • In one aspect, a computing system consisting of clock, logic execution unit, and all variable registers can be theoretically deemed as a system of status. A state of all current variable registers defines a status of a computing system. For example, a state defined by all the variable registers when a computing system only has an internal network connection and one corresponding operating system defines a status of such computing system; and another state defined by the same all registers when the same computing system only has an external network connection and one corresponding operating system defines another status thereof.
  • So it is considered that if statuses of a computing system can be backed up and recovered, and can be quickly switched therebetween without being shut down while ensuring a physical separation, it will bring much convenience to computing system users.
  • With reference to Fig. 1, operation of a computing system according to the invention is shown. The computing system has:
  • a CPU 10 communicatively connected to a memory controller 13, a video memory controller 14, a hard disk controller 18, and a network adapter controller 19, each of which respectively and communicatively connected to a memory 11, a video memory 12, a hard disk 17, and a network unit connected either to an external network 40 or to an internal network 50, respectively through a memory switch 31, a video memory switch 32, a hard drive switch 33, and a network switch 34;
  • an input unit 20 which is able to input a request of switching to the CPU 10;
  • a first status thereof defined by states of all variable registers thereof when the computing system is only connected to the internal network 50 and runs one corresponding operating system;
  • a second status thereof defined by states of the same all registers when the computing system is only connected to the external network 40 and runs another corresponding operating system;
  • a switching unit 30 being communicatively connected to the CPU 10 and all above switches 31, 32, 33, and 34, respectively, and having a trigger 35 which is able to generate a non-maskable interrupt 351 to the CPU 10 after the switching unit 30 receives a command of switching from the CPU 10 responding to the request of switching; and,
  • a switch program 36 which is kept in the switching unit 30, which has backups of both the statuses in the hard disk, the memory, or a network server, and which, after the CPU 10 receives the non-maskable interrupt 351, is able to backup a current status, control the switching unit 30 to control all the switches 31, 32, 33, and 34 to interrupt all serving programs, then load the other status other than the current status to the computing system, and finally control the switching unit 30 to reset the trigger 35.
  • The input unit 20 may include a keyboard, a mouse, a touch screen, an E-mail, or other information receiver. The switches 31, 32, 33, and 34 can be either electronic switches or mechanical switches.
  • A monitor 16 is communicatively connected to the video memory controller 14 through a display controller 15 for monitoring operation of the computing system.
  • After a switching, all variables in the CPU 10, the memory 11, the video memory 12, the hard disk 17, and all the variable registers of the computing system defining a status of the computing system are changed into the other variables defining the other status. Thus the memory 11, the video memory 12, and the hard disk 17 can be virtually deemed respectively as another identical memory 21, another video memory 22, and another hard disk 23 specially used under either one status.
  • The switch program 36 may have an ID verification unit 37 thereof used to confirm a validity of the user, and making the switching unit 30 either to proceed or stop respectively when the identification is passed or failed. From above disclosure, it could be seen that the computing system is able to be a computer, a Personal Digital Assistant, or a mobile phone, each of which has all the features and characteristics defined by the aforementioned computing system.
  • The invention further provide a method of safely and quickly switching between an internal network 50 and an external network 40 for a computing system having a CPU 10, a first status, a second status, an input unit 20, a switching unit 30 having a trigger 35, and, a switch program 36, wherein the method comprises following steps:
  • 1) input a request of switching via the input unit 20 when the computing system is in one of the two statuses;
  • 2) after receiving the request of switching, the CPU 10 runs the switch program 36; and,
  • 3) the switch program 36 backs up a current status, control the switching unit 30 to interrupt all serving programs and loads the other status other than the current status to the computing system.
  • Alternatively, the step 2) of above process may be:
  • 2.1) after receiving the request of switching, the CPU sends a command of switching to the switching unit;
  • 2.2) the switching unit sets the trigger which generates a consequent non-maskable interrupt back to the CPU;
  • 2.3) after and only after receives the non-maskable interrupt 351, the CPU 10 runs the switch program 36.
  • In above method, a further sub-step (3.1) may be added into (3) wherein before the switch program 36 starts backing-up the data, a further confirmation of a judging unit 37 is required.
  • In the above disclosed invention, it could be apparent to a person of related art that no matter which status the computing system is currently in, the computing system is able to be absolutely disconnected from any network 40 or 50 either physically or with software whenever desired by a user.
  • One skilled in the art will understand that the embodiment of the present invention as shown in the drawings and described above is exemplar only and not intended to be limiting.
  • It will thus be seen that the objects of the present invention have been fully and effectively accomplished. Its embodiments have been shown and described for the purposes of illustrating the functional and structural principles of the present invention and is subject to change without departure from such principles. Therefore, this invention includes all modifications encompassed within the spirit and scope of the following claims.

Claims (19)

  1. A computing system comprising:
    a CPU communicatively connected to a memory controller being communicatively connected to a memory connected either to an external operating system or to an internal operating system , through a switching unit;
    an input unit that is able to input a request of switching;
    a first status thereof defined by states of all variable registers thereof when said computing system is only connected to said internal operating system;
    a second status thereof defined by states of said all variable registers when said computing system is only connected to said external operating system;
    a switching unit being communicatively connected to said CPU and all said switches, respectively, has backups of both said statuses, and is able to backup a current status, control said general switch to control all said switches to interrupt all serving programs, then load the other status other than said current status to the computing system.
  2. The computing system as claimed in claim 1 wherein said CPU also communicatively connected to a video memory controller, or a hard disk controller, or a network adapter controller, each of which being respectively and communicatively connected to a video memory, a hard disk, and a network unit connected either to an external network or to an internal network, respectively through a video memory switch, a hard drive switch, and a network switch.
  3. The computing system as claimed in claim 2, wherein said input unit comprises a keyboard, or a mouse, or a touch screen, or E-mail, or other information receiver.
  4. The computing system as claimed in claim 1, wherein a switching unit having a trigger that is able to generate a non-maskable interrupt to said CPU after said switching unit receives a command of switching from said CPU responding to said request of switching.
  5. The computing system as claimed in claim 4, wherein a switch program is kept in said switching unit, and which has backups of both said statuses, and which, after said CPU receives said non-maskable interrupt, is able to backup a current status, control said general switch to control all said switches to interrupt all serving programs, then load the other status other than said current status to the computing system, and finally control said switching unit to reset said trigger.
  6. The computing system as claimed in claim 5, wherein said computing system includes a supervising unit being able to monitor an execution process of said switch program running in said CPU, and allow said switch program to proceed if said supervising unit confirms said process has always been in a script of said switch program, or prohibit said switch control unit from any action if said supervising unit fails to confirm.
  7. The computing system as claimed in claim 5, wherein said switch program has an ID verification unit thereof used to confirm a validity of a user, and making said switching unit either to proceed or stop respectively when identification is passed or failed.
  8. The computing system as claimed in claim 1, wherein said computing system is a computer, or a Personal Digital Assistant, or a mobile phone.
  9. The computing system as claimed in claim 1, wherein said backups of both said status are kept in said hard disk.
  10. The computing system as claimed in claim 1, wherein said backups of both said status are kept in said memory.
  11. The computing system as claimed in claim 1, wherein said backups of both said status are kept in a network server.
  12. The computing system as claimed in claim 1, wherein said computing system is absolutely disconnected from any network either physically or with software whenever desired by a user, no matter which status said computing system is currently in.
  13. The computing system as claimed in claim 1, wherein said switches are electronic switches.
  14. The computing system as claimed in claim 1, wherein said switches are mechanical switches.
  15. A method of safely and quickly switching between an internal operating system and an external operating system for a computing system having a CPU, an input unit, a first status, a second status, a switching unit, and, a switch program, wherein said method comprises following steps:
    (1) input a request of switching via said input unit when said computing system is in one of said two statuses;
    (2) after receiving said request of switching, said CPU runs said switch program; and
    (3) said switch program backs up a current status, control said switching unit to interrupt all serving programs and loads the other status other than said current status to the computing system.
  16. The method as claimed in claim 15, said switching unit having a trigger, and, a switch program kept in said switching unit, wherein step (2) may be
    (2.1) after receiving said request of switching, said CPU sends a command of switching to said switching unit;
    (2.2) said switching unit sets said trigger which generates a consequent non-maskable interrupt back to said CPU; and
    (2.3) after and only after said receives said non-maskable interrupt, said CPU runs said switch program.
  17. The method as claimed in claim 15, wherein a further sub-step (3.1) may be added into step (3) wherein before said switch program starts backing up said current status, a further confirmation of a judging unit kept in said switching unit is required.
  18. The method as claimed in claim 15, wherein in step (1) a request of switching may be E-mail, keyboard, mouse, command, other information.
  19. The method as claimed in claim 15, wherein step (3) is that said supervising unit monitors an execution process of said switch program running in said CPU, and either (3a) allows said switch program to back up a current status, control said switching unit to interrupt all serving programs and loads the other status other than said current status to said computing system, and finally control said switching unit to reset said first trigger if said supervising unit confirms that said process has always been in a script of said switch program, or (3b) prohibit said switch control unit from any action if said supervising unit fails to confirm.
EP02719628A 2001-04-27 2002-04-27 Apparatus and method for realizing statetransition of computing device Withdrawn EP1420343A4 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN01115545 2001-04-27
CNB011155450A CN100356349C (en) 2001-04-27 2001-04-27 Device and method for changing state of computing equipment
PCT/CN2002/000300 WO2002088955A2 (en) 2001-04-27 2002-04-27 Apparatus and method for realizing statetransition of computing device

Publications (2)

Publication Number Publication Date
EP1420343A1 true EP1420343A1 (en) 2004-05-19
EP1420343A4 EP1420343A4 (en) 2008-10-22

Family

ID=4662049

Family Applications (1)

Application Number Title Priority Date Filing Date
EP02719628A Withdrawn EP1420343A4 (en) 2001-04-27 2002-04-27 Apparatus and method for realizing statetransition of computing device

Country Status (3)

Country Link
EP (1) EP1420343A4 (en)
CN (1) CN100356349C (en)
WO (1) WO2002088955A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112069555A (en) * 2020-08-13 2020-12-11 中国电子科技集团公司第三十研究所 Safe computer architecture based on double-hard-disk cold switching operation

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100383744C (en) * 2004-12-24 2008-04-23 联想(北京)有限公司 Method for switching multiple operation systems of computer
CN101997960A (en) * 2009-08-14 2011-03-30 黄金富 High-safety two-operating system mobile phone capable of resisting hackers and being used for Internet banking
CN102799498A (en) * 2011-05-27 2012-11-28 鸿富锦精密工业(深圳)有限公司 Method and system for rapidly switching computer states
CN102867158B (en) * 2011-07-07 2016-03-30 联想(北京)有限公司 A kind of switch internal memory method, device and there is the terminal of dual system
CN102981597B (en) * 2011-09-05 2016-03-30 联想(北京)有限公司 The control method of configurable peripheral device and portable terminal device
CN103001990A (en) * 2011-09-16 2013-03-27 腾讯科技(深圳)有限公司 Data relay method and data relay system
CN110730190A (en) * 2019-10-24 2020-01-24 深圳市永达电子信息股份有限公司 Safety isolation control computer system and method

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000016206A1 (en) * 1998-09-10 2000-03-23 Sanctum Ltd. Method and system for protecting operations of trusted internal networks

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1053507C (en) * 1994-10-07 2000-06-14 邵通 Method and device for controlling read and write of hard disc in computer
US6061711A (en) * 1996-08-19 2000-05-09 Samsung Electronics, Inc. Efficient context saving and restoring in a multi-tasking computing system environment
JP4072271B2 (en) * 1999-02-19 2008-04-09 株式会社日立製作所 A computer running multiple operating systems
CN1236922A (en) * 1999-05-27 1999-12-01 林光荣 Multi-platform computer with memory banks running simultaneously

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000016206A1 (en) * 1998-09-10 2000-03-23 Sanctum Ltd. Method and system for protecting operations of trusted internal networks

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
KARGER P A ET AL: "A VMM security kernel for the VAX architecture" PROCEEDINGS OF THE SYMPOSIUM ON RESEARCH IN SECURITY AND PRIVACY. OAKLAND, MAY 7 - 9, 1990; [PROCEEDINGS OF THE SYMPOSIUM ON RESEARCH IN SECURITY AND PRIVACY], LOS ALAMITOS, IEEE COMP. SOC. PRESS, US, vol. SYMP. 11, 7 May 1990 (1990-05-07), pages 2-19, XP010020182 ISBN: 978-0-8186-2060-7 *
KELEM N L ET AL: "A SEPARATION MODEL FOR VIRTUAL MACHINE MONITORS" PROCEEDINGS OF THE SYMPOSIUM ON RESEARCH IN SECURITY AND PRIVACY. OAKLAND, MAY 20 - 22, 1991; [PROCEEDINGS OF THE SYMPOSIUM ON RESEARCH IN SECURITY AND PRIVACY], LOS ALAMITOS, IEEE COMP. SOC. PRESS, US, vol. SYMP. 12, 20 May 1991 (1991-05-20), pages 78-86, XP000220789 ISBN: 978-0-8186-2168-0 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112069555A (en) * 2020-08-13 2020-12-11 中国电子科技集团公司第三十研究所 Safe computer architecture based on double-hard-disk cold switching operation
CN112069555B (en) * 2020-08-13 2022-03-18 中国电子科技集团公司第三十研究所 Safe computer architecture based on double-hard-disk cold switching operation

Also Published As

Publication number Publication date
WO2002088955A2 (en) 2002-11-07
CN1383068A (en) 2002-12-04
EP1420343A4 (en) 2008-10-22
CN100356349C (en) 2007-12-19

Similar Documents

Publication Publication Date Title
US7370193B2 (en) Computing system being able to quickly switch between an internal and an external networks and a method thereof
US10210085B2 (en) Leveraging non-volatile memory for persisting data
EP2483799B1 (en) Portable desktop device and method of host computer system hardware recognition and configuration
KR100318975B1 (en) Method and apparatus for hibernation within a distributed data processing system
US7577871B2 (en) Computer system and method having isolatable storage for enhanced immunity to viral and malicious code infection
KR100620216B1 (en) Network Enhanced BIOS Enabling Remote Management of a Computer Without a Functioning Operating System
US20060242453A1 (en) System and method for managing hung cluster nodes
US11095445B2 (en) Key management and recovery
JPH1124801A (en) Remote network device and network system using the network device
US20080189707A1 (en) System and method for sharing a trusted platform module
JP2006072962A (en) Control system for controlling a plurality of target computers
US20120096305A1 (en) Method and System for Recovery of a Computing Environment
CN1834912B (en) ISCSI bootstrap driving system and method for expandable internet engine
EP1917583B1 (en) Connection of peripherals to operating systems
EP1420343A1 (en) Apparatus and method for realizing statetransition of computing device
US6918044B1 (en) Password protection for high reliability computer systems
US8346981B2 (en) Connection of peripherals to operating systems
US6904546B2 (en) System and method for interface isolation and operating system notification during bus errors
US20040088569A1 (en) Apparatus and a method for securely switching status of a computing system
US20210216640A1 (en) Systems and methods for hardware root of trust with protected redundant memory for authentication failure scenarios
US10747706B2 (en) Server event log storage and retrieval system
CN112912848A (en) Power supply request management method in cluster operation process
US20070050666A1 (en) Computer Network System and Related Method for Monitoring a Server
US7676682B2 (en) Lightweight management and high availability controller
KR20060135757A (en) Isolated multiplexed multi-dimensional processing in a virtual processing space having virus, spyware, and hacker protection features

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20031127

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

AX Request for extension of the european patent

Extension state: AL LT LV MK RO SI

A4 Supplementary search report drawn up and despatched

Effective date: 20080924

17Q First examination report despatched

Effective date: 20090108

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20090519